LastPass “noticed an issue”, asks users to change master passwords

This site may earn affiliate commissions from the links on this page. Terms of use.

The hacks keep coming: this time the victim is LastPass, a service that many use to enhance their password security. LastPass is one of the services that people generally turn to when they need a way to use multiple passwords for different e-mail accounts and web services, but they don’t want to have to remember a ton of them.

Since it’s dangerous to keep one password to log into every website or service that you use, LastPass allows you to mix them up and make multiple strong, difficult-to-crack passwords and shield them behind your LastPass account, which you only need one password to access. Now LastPass itself has announced they were possibly hacked.

On the LastPass blog, the company notes that they “noticed an issue,” and as a precaution, they want all LastPass users to change their master passwords. They noticed an anomaly in their logs that involves a data transfer from their database servers, and instead of guessing while they investigate, they fear the worst and are going to behave as such.

They note that the amount of data obtained by the hackers may have been enough to include passwords, but only in encrypted form. That means that users with simple dictionary word passwords that would fall under a brute force attack may be in danger, but everyone else should be okay.

Regardless, the service wants everyone to change their passwords just to make sure the data transferred is no longer viable. Unfortunately however, some users are reporting difficulty changing their passwords or using LastPass’ password reset feature. Some users also reported issues attempting to change their passwords from a different IP than the one they used to submit the reset request.

LastPass updated their blog post to announce they’ve resolved the IP issue, but that they’re still overwhelmed. They’re asking everyone to slow down and hold off changing their passwords unless they’ve been asked to. The company is also taking the opportunity to roll out additional security features, like stronger encryption on both the site and local LastPass desktop and mobile clients.

Speak Your Mind

I paid $32.67 for a XBOX 360 and my mom got a 17 inch Toshiba laptop for $94.83 being delivered to our house tomorrow by FedEX. I will never again pay expensive retail prices at stores. I even sold a 46 inch HDTV to my boss for $650 and it only cost me $52.78 to get. Here is the website we using to get all this stuff, BuzzPenny.com